Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2421


Vulnerability Score 5.0 5.0
CVE Id CVE-2009-2421
Last Modified 22 Jul 2009 03:11:40
Published 09 Jul 2009 12:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The CFCharacterSetInitInlineBuffer method in CoreFoundation.dll in Apple Safari 3.2.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a "high-bit character" in a URL fragment for an unspecified protocol.

Vulnerable Systems


  • Apple Safari 3.2.3


BID - 35481

BUGTRAQ - 20090623 n.runs-SA-2009.006 - Apple Safari - Null pointer dereference

Last Updated: 27 May 2016 10:50:54